With the continual rise of social media as a platform for professional public relations, physicians are increasingly turning to this medium for everything from communicating with patients to showcasing their expertise. Yet for many physicians, navigating the internet is a novel practice. Knowing how to be a safe and appropriate active member of social media is essential to protecting against potential internet-related malpractice suits.

First and foremost, physicians must ensure that they have a solid, knowledgeable team heading up their social-media policy task force. Effective social media management for a physician’s practice not only requires knowledge of social media itself but also knowledge in areas like marketing and internet and/or medical law. If physicians have any doubts regarding their social-media policy, it may be helpful to compare it to policies used by other healthcare practices. It is common for practices to post their social media policy on their website, so a simple online search can assist in determining if a physician’s policy is up-to-date and effective.

According to a Medscape social-media policy article, a good social-media policy should make sure physicians understand that maintaining a professional reputation online is essential for maintaining their overall reputation as respectable, reliable physicians. It should also be made clear that a physician’s social media presence represents the practice as a whole and, to a certain extent, the medical community at large. A good social-media policy educates physicians and their staff about patient-privacy rules and the consequences in not safeguarding patients’ protected health information (PHI) online. Everyone in the practice should be fully aware of both risks to the practice and risks to individuals tied to noncompliance. It is not enough to use words like “be ethical” or “be professional.” A solid policy will be specific in language and will be very clear as to the types of behaviors that can lead to a breach in patient privacy. If PHI were to be disclosed in any way, it would be a violation of federal and state privacy laws and civil lawsuits. Furthermore, it could lead to involvement by the medical board, which not only costs a hefty sum but is also damaging to the reputation of a physician and their practice.

While some privacy breaches like posting patient names or social security numbers are obvious, other breaches may be less clear. Posting photos on social media can quickly go from being an innocent act to a HIPAA violation. For instance, physicians and their staff must approach posting photos patient injuries with extreme caution, even if those photos are not accompanied by any written information specific to the patient. Another photo-associated posting risk occurs when physicians or their staff post photos casually taken in the office but inadvertently capture patient information that is posted on a wall nearby. With the click of a button, this innocent photo can become a significant liability for both the individuals in the picture and for the entire practice. An effective social media policy will also ensure that physicians keep their online professional profiles fully separate from the personal ones to avoid any confusion regarding the professional status of a patient-doctor relationship. Actions like “friending” patients from a physician’s personal Facebook account is extremely ill-advised, as it can quickly damage one’s career and financial state.